Enable to give aws credentials file via value #1306
Conversation
|
Code coverage for golang is |
|
/lgtm |
| decryptServiceAccount: | ||
| fileName: sealed-secret-gcpkms-decrypt-service-account | ||
| data: "" | ||
| awsCredentials: |
There was a problem hiding this comment.
Should we put this inside an imageProvider block?
There was a problem hiding this comment.
You intend to clearly distinguish from other use cases (e.g. Lambda Deployment), right? If so, agree with you!
There was a problem hiding this comment.
Then we have to configure credentials for each use-case for specific requirements? 🤔
There was a problem hiding this comment.
Hmm... on second thought I'm begging to feel we don't have to distinguish them as @khanhtc1202 may consider. In the general case, a piped operator prepares an AWS IAM user for piped and attach needed roles. I'd say it's an edge case to separate users by features.
There was a problem hiding this comment.
(FYI: the Go SDK for AWS is load credentials from the environment variables by default. It must be shared in a single process.)
|
/approve |
|
This pull request is APPROVED by Approvers can cancel the approval by writing |
What this PR does / why we need it:
With it we can set the credentials with
--set-file secret.awsCredentials.data=/path/toWhich issue(s) this PR fixes:
Fixes #
Does this PR introduce a user-facing change?: